As a reminder, we have prepared additional support resources that are available on our landing page ( ), but if your data is available and you are having trouble downloading it, please contact our support channels by either joining us in chat or by calling +1 (855) 348-9064 (INTL: +44 (0) 2). To check if your historical email data is available, please follow Step 2 on our Data Recovery Resources page ( ) and see if your mailbox is ready to download. Those PST files are now available through the customer portal. We expect that the on-demand solution will be available within two weeks.Īs a reminder, we are proactively notifying customers for whom we have recovered greater than 50% of their mailboxes. We will continue working to recover all data possible as planned, however, in parallel, we are developing an on-demand solution for those customers who do still wish to download their data. This indicates to us that many of our customers have data backed up locally, archived, or otherwise do not need the historical data. However, less than 5% of those customers have actually downloaded the mailboxes we have made available. As of today, more than half of impacted customers have some or all of their data available to them for download. Notably, this information does not impact the ongoing process of recovering historical email data for our Hosted Exchange email customers. Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor. We have already communicated our findings to these customers proactively, and importantly, according to CrowdStrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated emails or data in the PSTs for any of the 27 Hosted Exchange customers in any way. Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table ("PST") of 27 Hosted Exchange customers. We will be sharing more detailed information with our customers and peers in the security community so that, collectively, we can all better defend against these types of exploits in the future.Īs a reminder, no other Rackspace products, platforms, solutions, or businesses were affected or experienced downtime due to this incident. We urge all organizations and security teams to read the blog CrowdStrike recently published about this exploit and learn how to take action to protect your own organization, available at. Microsoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for being part of a Remote Code Execution chain that was exploitable. This zero-day exploit is associated with CVE-2022-41080. The forensic investigation determined that the threat actor, known as PLAY, used a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment. We have been diligent about this forensic investigation and prioritizing accuracy and precision in everything we say and do, because our credibility is important to us at Rackspace. While there has been widespread speculation that the root cause of this incident was the result of the ProxyNotShell exploit, we can now definitively state that is not accurate. We have recently completed our forensic investigation and are now in a position to share more information about the root cause and full scope of the incident. You can call the following numbers for legacy Datapipe support:įor a full list of countries and contact numbers, visit our main contact page.Our Racker team has been hard at work over the holidays and into the New Year to support recovery efforts. You can also log in to the Cloud Control Panel to access chat support. OpenStack Cloud supportįind API documentation at the Rackspace Developer Docs site and support documentation at the How-To site. You can also log in to the Fanatical Support for AWS Control Panel to access chat support. You can find support documentation in the Fanatical Support for AWS Product Guide. You can also log in to your Cloud Office Control Panel or Webmail account to access phone support, chat support, and the knowledge base. Use the Email Setup Wizard to get help setting up your email and other email-related tasks. You can find support documentation at the How-To Rackspace Email page. Support, the knowledge base, and How-To videos. You can also log in to the MyRackspace Portal to access chat Dedicated Hosting supportĬall Dedicated Hosting support at the following numbers: System statusĬheck the status of your Rackspace products at the System Status page. Rackspace product through the Cloud Control Panel. You can also create a Support ticket and administer your You can reach the Support team by phoneĪnd live chat. Rackspace Support is available 24x7x365 for all products.
0 Comments
Leave a Reply. |